Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2491 8.1 重要
Network 		レッドハット Quay レッドハットのQuayにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-6848 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2492 7.1 重要
Local 		レッドハット Red Hat Enterprise Linux AI
InstructLab 		レッドハットのRed Hat Enterprise Linux AI等の複数製品におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-6855 2026-05-22 10:52 2026-04-22 Show GitHub Exploit DB Packet Storm
2493 6.5 警告
Adjacent 		Mozilla Foundation Mozilla Firefox Mozilla FoundationのMozilla Firefoxにおける複数の脆弱性 CWE-200
CWE-306
CVE-2026-8706 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2494 3.1
Network 		EMQX emqx EMQXのemqxにおける競合状態に関する脆弱性 CWE-362
競合状態 		CVE-2026-8741 2026-05-22 10:52 2026-05-17 Show GitHub Exploit DB Packet Storm
2495 9.1 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における過度に許容されるクロスドメインホワイトリストに関する脆弱性 CWE-942
過度に許容されるクロスドメインホワイトリスト 		CVE-2026-8948 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2496 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-8949 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2497 9.3 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-8950 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2498 6.5 警告
Network 		Mozilla Foundation Mozilla Firefox Mozilla FoundationのMozilla Firefoxにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-8951 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2499 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-8952 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
2500 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-8955 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2781 9.6 CRITICAL
Network 		cline cline Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At time o… CWE-306
CWE-1385
Missing Authentication for Critical Function
 Missing Origin Validation in WebSockets 		CVE-2026-44211 2026-06-4 04:52 2026-06-2 Show GitHub Exploit DB Packet Storm
2782 9.1 CRITICAL
Network 		projectcapsule capsule Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets th… CWE-20
CWE-863
 Improper Input Validation 
 Incorrect Authorization 		CVE-2026-22872 2026-06-4 04:40 2026-06-2 Show GitHub Exploit DB Packet Storm
2783 4.9 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromi… CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2026-9801 2026-06-4 04:38 2026-05-28 Show GitHub Exploit DB Packet Storm
2784 4.3 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client cr… CWE-305
 Authentication Bypass by Primary Weakness 		CVE-2026-9798 2026-06-4 04:38 2026-05-28 Show GitHub Exploit DB Packet Storm
2785 6.5 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. An authenticated administrator with the `manage-clients` role can exploit a Time-of-check to time-of-use (TOCTOU) vulnerability in the name-based admin role checks. This… CWE-367
 Time-of-check Time-of-use (TOCTOU) Race Condition 		CVE-2026-9796 2026-06-4 04:38 2026-05-28 Show GitHub Exploit DB Packet Storm
2786 7.3 HIGH
Network 		redhat build_of_keycloak A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, in… CWE-266
 Incorrect Privilege Assignment 		CVE-2026-9795 2026-06-4 04:38 2026-05-28 Show GitHub Exploit DB Packet Storm
2787 5.3 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP (Security Assertion Markup Language Enhanced… CWE-209
Information Exposure Through an Error Message 		CVE-2026-9794 2026-06-4 04:37 2026-05-28 Show GitHub Exploit DB Packet Storm
2788 6.5 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-… CWE-280
Improper Handling of Insufficient Permissions or Privileges  		CVE-2026-9792 2026-06-4 04:37 2026-05-28 Show GitHub Exploit DB Packet Storm
2789 6.8 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, w… CWE-613
 Insufficient Session Expiration 		CVE-2026-9802 2026-06-4 04:36 2026-05-28 Show GitHub Exploit DB Packet Storm
2790 7.5 HIGH
Network 		winmtr winmtr WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers c… CWE-120
Classic Buffer Overflow 		CVE-2018-25426 2026-06-4 04:31 2026-05-31 Show GitHub Exploit DB Packet Storm